You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The documentation states that in Part Two of an Auth Code flow, redirect_uri must contain "the same redirect URI the user was redirect back to".
However, as per #1096, it should actually match the redirect_uri from the authorization request, and it must be omitted if it was not present in that request.
I suggest changing the redirect_uri line in Part Two to:
redirect_uri required if the redirect_uri parameter was included in Part One, and their values MUST be identical. Otherwise, this parameter must be omitted.
The text was updated successfully, but these errors were encountered:
The documentation states that in Part Two of an Auth Code flow, redirect_uri must contain "the same redirect URI the user was redirect back to".
However, as per #1096, it should actually match the redirect_uri from the authorization request, and it must be omitted if it was not present in that request.
I suggest changing the redirect_uri line in Part Two to:
redirect_urirequired if theredirect_uriparameter was included in Part One, and their values MUST be identical. Otherwise, this parameter must be omitted.The text was updated successfully, but these errors were encountered: